Cloud computing is rapidly changing the Internet into a collection of clouds, which provide a variety of computing resources, storage resources, and, in the future, a variety of resources that are currently unimagined.
This new level of virtualization should have unbounded the physical and geographical limitations of traditional computing, but this is not yet the case largely in part because of current deficiencies associated with security auditing of virtualized resources. That is, enterprises have been reluctant to migrate some of their systems and resources because of the perceived lack of control and security assurances associated with migrated systems and resources.
The very nature of cloud resources (virtualization) means that the resources regularly appear and disappear over time. At the same time, businesses are rapidly moving to use Virtual Desktop Infrastructures. Yet, there is presently no mechanism to accurately perform security audits and checks on cloud based systems.
Furthermore, end users can install any number of applications, get viruses, miss-configure a system, and/or open the system up to security vulnerabilities and hacks. So, as cloud resources appear and disappear over time, there needs to be a way to audit and to check everyday what has occurred with the cloud-based systems as they are used. In this manner, if a security breach has occurred there needs to be some technique to quickly identify what happened; to possibly enroll an enterprise employee in additional security training; and to track exactly what is occurring with an enterprise's cloud based resources.